View on GitHub

middy

🛵 The stylish Node.js middleware engine for AWS Lambda

Upgrade 1.x -> 2.x

See CHANGELOG for an overview of changes.

Version 2.x of Middy no longer supports Node.js versions 10.x. You are highly encouraged to move to Node.js 14, which support ES6 modules by default (export), optional chaining (?.) and nullish coalescing operator (??) natively.

Core

Middleware

cache

Deprecated. Too generic and had low usage.

However, you can use the following if needed:

const { createHash } = require('crypto')

module.exports = (opts) => {
  const storage = {}
  const defaults = {
    calculateCacheId: async (event) => createHash('md5').update(JSON.stringify(event)).digest('hex'),
    getValue: async (key) => storage[key],
    setValue: async (key, value) => {
      storage[key] = value
    }
  }

  const options = { ...defaults, ...opts }
  let currentCacheKey

  const cacheMiddlewareBefore = async (request) => {
    const cacheKey = await options.calculateCacheId(request.event)
    const response = await options.getValue(cacheKey)
    if (response) {
      return response
    }
    request.internal.cacheKey = cacheKey
  }

  const cacheMiddlewareAfter = async (request) => {
    await options.setValue(request.internal.cacheKey, request.response)
  }
  
  return {
    before: cacheMiddlewareBefore,
    after: cacheMiddlewareAfter
  }
}

db-manager

Deprecated. Too generic and had low usage. You can check out middy-rds as a possible alternative or example on building your own replacement.

do-not-wait-for-empty-event-loop

No change

function-shield

Deprecated. Only supported up to Node v10.

http-content-negotiation

No change

http-cors

Added new options to support more headers

http-error-handler

Added in support to honour httpError.expose. Errors with statusCode >= 500 are no longer applied to response by default. Added new option to catch any non-http and statusCode >= 500 errors

http-event-normalizer

No change

http-header-normalizer

No change

http-json-body-parser

No change

http-multipart-body-parser

No change

http-partial-response

No change

http-response-serializer

No change

http-security-headers

No longer adds statusCode:500 when there is no response.

http-urlencode-body-parser

Remove extended option. Only uses qs as the parser, formally enabled by options {extended: true}.

http-urlencode-path-parser

No change

input-output-logger

Now additionally logs response from the onError middleware stack

rds-signer

New middleware to fetch RDS credential used when connecting with IAM roles. This was built into db-manager.

s3-key-normalizer

No change

s3-object-response

New middleware to fetch and respond to S3 Object Get request event.

secrets-manager

Refactored, see documentation

sqs-json-body-parser

No change

sqs-partial-batch-failure

Replaced option sqs with AwsClient and added in more options for control.

ssm

Refactored, see documentation

sts

New middleware to fetch assume role credentials.

validator

Upgraded ajv and it’s plugins to support JSON Schema Draft 2020-12 specification. Defaults were change because of this.

warmup

Deprecated. This was a work round for a missing feature in AWS Lambda. AWS added in the ability to use provisioned concurrency on 2019-12-03, removing the need for this work around.

However, you can use the following if needed:

middy(baseHandler)
  .before((request) => {
    if (request.event.source === 'serverless-plugin-warmup') {
      console.log('Exiting early via warmup Middleware')
      return 'warmup'
    }
  })

Upgrade 0.x -> 1.x

Independent packages structure

Version 1.x of Middy features decoupled independent packages published on npm under the @middy namespace. The core middleware engine has been moved to @middy/core and all the other middlewares are moved into their own packages as well. This allows to only install the features that are needed and to keep your Lambda dependencies small. See the list below to check which packages you need based on the middlewares you use:

Header normalization in http-header-normalizer

In Middy 0.x the httpHeaderNormalizer middleware normalizes HTTP header names into their own canonical format, for instance Sec-WebSocket-Key (notice the casing). In Middy 1.x this behavior has been changed to provide header names in lowercase format (e.g. sec-webSocket-key). This new behavior is more consistent with what Node.js core http package does and what other famous http frameworks like Express or Fastify do, so this is considered a more intuitive approach. When updating to Middy 1.x, make sure you double check all your references to HTTP headers and switch to the lowercase version to read them. All the middy core modules have been already updated to support the new format, so you should worry only about your userland code.

Node.js 10 and 12 now supported / Node.js 6 and 8 now dropped

Version 1.x of Middy no longer supports Node.js versions 6.x and 8.x as these versions have been dropped by the AWS Lambda runtime itself and not supported anymore by the Node.js community. You are highly encouraged to move to Node.js 12 or 10, which are the new supported versions in Middy 1.x.